Malcontent

Behavioral Blocking / Analysis Features In The Future?


Ethos is Immunet's heuristic engine and in a broad sense Spero could be considered a behavior blocker of sorts. "Behavior blocker" processes are proprietary code unique to the various developers and using the term is like observing a pasta recipe needs "sauce."

As for 0-day, MRG's Flash tests to date put Immunet PLUS (with ClamAV and Tetra enabled) in the 58% percentile which is eight to ten points higher (20 higher than Panda) than most of the suites not empowered with a strong HIPS component.

Guest Mature

Not exactly. Generally speaking, heuristics can be categorized into two types: Static Analysis and Dynamic Analysis. Static Analysis is based on analyzing the file architecture with an algorithm; Dynamic Analysis mainly assesses the file's actions and gives a suggestion. They are two different technologies and each has its own advantages. Immunet's heuristic is mainly Static Analysis; maybe there's a virtual machine to perform Dynamic Analysis too, but neither of them is what I asked for.

Behavior Blocking / Pro-active Protection / HIPS components are becoming popular, since so many market vendors have developed their own Behavior Blocking / Pro-active Protection / HIPS component. Immunet should consider this for further development.

Yeah. Whatever. Good luck with the asking.

My reply targeted the original post where I sensed Malcontent's concern that Immunet lacks any behavioral functionality whatsoever.

Immunet's core process as delivered by Ethos and Spero is all about behavior and behavior alone.

As to it being this analysis or that analysis or that other analysis is a discussion that's a waste of time and bandwidth - a behavior I'm ceasing as of right now.

Immunet is for those who seek other than what "so many market vendors have developed" and who've concluded they've succeeded and will continue to excel.

EOF


If a PC user is concerned about 0 day vulnerabilities there are third party applications one could use as an added layer of protection such as Emsisoft's Mamutu which is a dedicated behavior analyzer/blocker. There are also a number of apps that use a HIPS approach incorporated into the program such as Comodo Internet Security's Defense+ and SpywareBlaster to name just a few.


If Immunet will continue to be compatible with more traditional AVs (I hope so) it's better not to add too many features.

Better to work on RAM usage (far too high) and the occasional CPU peaks.
